The Canada’s tax collection agency, the Canada Revenue Agency (CRA), has been hit with the Heartbleed attack, with hackers stealing the data of about 900 citizens.
According to the agency, hackers exploited the Heartbleed vulnerability to remove social insurance numbers, which are used for employment and accessing government benefits, and other information from the CRA systems.
The agency noted: "Based on our analysis to date, Social Insurance Numbers (SIN) of approximately 900 taxpayers were removed from CRA systems by someone exploiting the Heartbleed vulnerability.
"We are currently going through the painstaking process of analysing other fragments of data, some that may relate to businesses, that were also removed."
Canada’s tax collection agency, however, has re-launched its online services, which were taken offline since learning of the issue on 08 April 2014.
"Since then, the CRA worked around the clock to implement a "patch" for the bug, vigorously test all systems to ensure they were safe and secure, and re-launch our online services late yesterday," the agency added.
British parenting site Mumsnet also notified its consumers to reset their passwords in the wake of a Heartbleed-related vulnerability.
Discovered by researchers at Google and Finnish security firm Codenomicon, the ‘Heartbleed’ bug allows hackers to access the memory of systems that currently run the OpenSSL cryptographic software library used by several websites worldwide that could enable attackers to compromise a range of information without being seen.
I
